Mark Clancy is intimately familiar with the in’s and out’s of cyber hacking attacks. As managing director and Corporate Information Security Officer at the Depository Trust and Clearing Corporation (DTCC), Clancy’s job is to pay attention to how crooks use virtual highways to steal data and assets — and stay a step ahead. Today that means much more than loading up some anti-virus software and patching an operating system.
“Mass attacks still continue, but the more sophisticated ones are targeted attacks,” says Clancy. “This style uses social engineering where they collect information they can find on the Internet about a broker or a client, and then send an email so the conversation seems more plausible. And in the broker/dealer world, bad guys are going after more high-net-worth clients. You go where the money is.”
Cyber attacks are not just the territory of large Wall Street firms—independents too have chinks in their armor. And while an 8-man advisory may not have seemed like the prime target for a hack a few years ago, that’s no longer true as criminals have gotten more specific about who they target, in an effort to maximize their return on investment.